Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/1f6073-87b2-4bb3-acb7-5c3db98bf864/1/PFan5kmge75F7x9bjaOEQmGzvZs.roa
File: PFan5kmge75F7x9bjaOEQmGzvZs.roa (raw, json)
Hash identifier: lLg1jT/I+qGkBxS/DjgD8mXUPkWI/CWIO/SiUFD0I/o=
Subject key identifier: 3C:56:A7:E6:49:A0:7B:BE:45:EF:1F:5B:8D:A3:84:42:61:B3:BD:9B
Certificate issuer: /CN=5598ae5d5f12825a84e6c401c013ca5e5dcd9ec9
Certificate serial: 0185704BC4194F2571038C86B262D9170ADF
Authority key identifier: 55:98:AE:5D:5F:12:82:5A:84:E6:C4:01:C0:13:CA:5E:5D:CD:9E:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VZiuXV8SglqE5sQBwBPKXl3Nnsk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/1f6073-87b2-4bb3-acb7-5c3db98bf864/1/PFan5kmge75F7x9bjaOEQmGzvZs.roa
Signing time: Mon 02 Jan 2023 02:24:51 +0000
ROA not before: Mon 02 Jan 2023 02:24:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208115
IP address blocks: 45.157.55.0/24 maxlen: 24
45.157.53.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:4b:c4:19:4f:25:71:03:8c:86:b2:62:d9:17:0a:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5598ae5d5f12825a84e6c401c013ca5e5dcd9ec9
Validity
Not Before: Jan 2 02:24:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3c56a7e649a07bbe45ef1f5b8da3844261b3bd9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:3f:4e:18:da:62:5d:45:d6:df:e1:3a:58:79:
c7:7d:3b:28:4a:21:65:1d:fe:75:83:f3:e0:9e:08:
7b:b9:3b:5e:59:d2:db:f3:f8:76:d2:ef:55:86:73:
74:5b:75:02:59:c5:8d:1e:f6:4e:a3:cd:da:9f:ea:
76:86:c6:79:19:47:ac:a3:8f:cb:71:bc:a8:81:86:
41:da:0d:c4:f1:16:50:75:e0:38:35:13:1b:ab:39:
e9:e6:dd:ba:e0:23:be:d1:10:4e:1e:8e:a0:65:87:
65:07:fa:9c:bb:4d:b1:70:6e:16:e7:33:5f:2d:d0:
da:15:1d:09:a2:42:67:08:4a:17:00:2e:53:a1:7a:
da:4b:09:0d:76:ba:fa:26:61:2a:7a:39:0e:f0:9f:
4b:dd:17:f8:38:f6:65:57:34:85:71:4a:9a:b8:8f:
f4:38:53:59:c9:5e:73:19:62:2a:76:33:c7:1f:ac:
0d:2b:32:a7:52:23:e3:fa:23:74:0b:f8:60:99:c7:
b4:0f:04:c7:0f:1e:dd:ff:7a:f0:f2:93:fa:7e:f4:
75:3e:1c:51:da:60:6f:1b:5a:a6:88:79:b3:ec:9e:
98:50:6d:81:52:e5:ff:01:ff:a4:db:3f:52:6b:db:
76:08:63:bd:76:d1:3f:89:ba:0a:94:14:a2:12:f3:
70:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:56:A7:E6:49:A0:7B:BE:45:EF:1F:5B:8D:A3:84:42:61:B3:BD:9B
X509v3 Authority Key Identifier:
keyid:55:98:AE:5D:5F:12:82:5A:84:E6:C4:01:C0:13:CA:5E:5D:CD:9E:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VZiuXV8SglqE5sQBwBPKXl3Nnsk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/1f6073-87b2-4bb3-acb7-5c3db98bf864/1/PFan5kmge75F7x9bjaOEQmGzvZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/1f6073-87b2-4bb3-acb7-5c3db98bf864/1/VZiuXV8SglqE5sQBwBPKXl3Nnsk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.53.0/24
45.157.55.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:82:c4:55:20:98:a8:55:27:7e:d2:99:2b:68:4f:b3:f4:af:
fa:08:d6:00:c2:e5:fa:ec:2c:35:0d:38:62:e5:8d:3d:cb:db:
cb:68:48:7a:88:fd:7b:a0:aa:6f:e3:24:41:3b:b1:29:79:96:
d3:a1:9d:89:96:ea:9a:b0:1f:e9:fa:a8:f8:cc:35:d3:29:9c:
97:fc:b5:8a:91:c8:94:92:45:33:20:79:13:b3:8b:d5:e2:29:
1e:2c:00:4d:77:ef:b5:f1:2c:33:d6:c9:d5:34:cd:f2:11:85:
9b:d5:4c:aa:20:f0:8b:8a:39:e7:dd:23:7d:6e:bf:19:4c:f8:
3b:23:eb:f0:38:a9:43:0a:70:e8:de:77:84:16:54:9f:53:a9:
d0:6b:ac:43:90:80:ef:96:80:8f:87:f8:86:e8:b1:fe:f6:e3:
26:d4:c7:ae:31:7c:c1:66:7c:36:88:92:ef:4c:f8:49:dd:1a:
28:8d:13:cc:19:3e:a9:b5:c0:6a:df:5f:a0:5b:92:c9:cb:b1:
21:22:e8:90:93:de:9e:3d:1c:2b:ee:02:89:4d:ac:ee:73:20:
42:8f:64:b7:fb:67:93:a5:29:bf:06:b5:70:60:95:0b:34:e4:
b9:31:e0:77:12:31:32:d3:45:a0:05:50:4f:67:48:f5:9d:99:
19:b6:6b:6b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwS8QZTyVxA4yGsmLZFwrfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1OThhZTVkNWYxMjgyNWE4NGU2YzQwMWMwMTNjYTVlNWRj
ZDllYzkwHhcNMjMwMTAyMDIyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzU2YTdlNjQ5YTA3YmJlNDVlZjFmNWI4ZGEzODQ0MjYxYjNiZDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAij9OGNpiXUXW3+E6WHnHfTsoSiFl
Hf51g/Pgngh7uTteWdLb8/h20u9VhnN0W3UCWcWNHvZOo83an+p2hsZ5GUeso4/L
cbyogYZB2g3E8RZQdeA4NRMbqznp5t264CO+0RBOHo6gZYdlB/qcu02xcG4W5zNf
LdDaFR0JokJnCEoXAC5ToXraSwkNdrr6JmEqejkO8J9L3Rf4OPZlVzSFcUqauI/0
OFNZyV5zGWIqdjPHH6wNKzKnUiPj+iN0C/hgmce0DwTHDx7d/3rw8pP6fvR1PhxR
2mBvG1qmiHmz7J6YUG2BUuX/Af+k2z9Sa9t2CGO9dtE/iboKlBSiEvNwCQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDxWp+ZJoHu+Re8fW42jhEJhs72bMB8GA1UdIwQY
MBaAFFWYrl1fEoJahObEAcATyl5dzZ7JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlppdVhWOFNnbHFFNXNRQndCUEtYbDNObnNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8xZjYwNzMtODdiMi00YmIzLWFjYjct
NWMzZGI5OGJmODY0LzEvUEZhbjVrbWdlNzVGN3g5YmphT0VRbUd6dlpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8xZjYwNzMtODdiMi00YmIzLWFjYjctNWMzZGI5OGJmODY0
LzEvVlppdVhWOFNnbHFFNXNRQndCUEtYbDNObnNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZ01AwQA
LZ03MA0GCSqGSIb3DQEBCwUAA4IBAQB9gsRVIJioVSd+0pkraE+z9K/6CNYAwuX6
7Cw1DThi5Y09y9vLaEh6iP17oKpv4yRBO7EpeZbToZ2JluqasB/p+qj4zDXTKZyX
/LWKkciUkkUzIHkTs4vV4ikeLABNd++18Swz1snVNM3yEYWb1UyqIPCLijnn3SN9
br8ZTPg7I+vwOKlDCnDo3neEFlSfU6nQa6xDkIDvloCPh/iG6LH+9uMm1MeuMXzB
Znw2iJLvTPhJ3RoojRPMGT6ptcBq31+gW5LJy7EhIuiQk96ePRwr7gKJTazucyBC
j2S3+2eTpSm/BrVwYJULNOS5MeB3EjEy00WgBVBPZ0j1nZkZtmtr
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:23:14 2025 by rpki-client